Trust Anchor

March 5, 2018

Trust Anchor

You are here:
< Back

A public key and the name of a certification authority that is used to validate the first certificate in a sequence of certificates. The trust anchor’s public key is used to verify the signature on a certificate issued by a trust anchor certification authority. The security of the validation process depends upon the authenticity and integrity of the trust anchor. Trust anchors are often distributed as self-signed certificates.
SOURCE: SP 800-57 Part 1

An established point of trust (usually based on the authority of some person, office, or organization) from which an entity begins the validation of an authorized process or authorized (signed) package. A “trust anchor” is sometimes defined as just a public key used for different purposes (e.g., validating a Certification Authority, validating a signed software package or key, validating the process [or person] loading the signed software or key).

A public or symmetric key that is trusted because it is directly built into hardware or software, or securely provisioned via out-of-band means, rather than because it is vouched for by another trusted entity (e.g. in a public key certificate).
SOURCE: SP 800-63